Getting Started with the PKCS#11 Tracer
On this page we will show you how to use the Cryptosense PKCS#11 Tracer to obtain a cryptography trace from a PKCS#11 application.
Prerequisites
Before you use the PKCS#11 Tracer, make sure you have followed the installation instructions.
You will also need a PKCS#11 application that you know how to start from a command line terminal.
Tracing the application
To trace an application:
- Configure the application to use the tracer DLL (
pkcs11_tracer.so
) instead of its original DLL. - Configure the tracer to redirect PKCS#11 calls to the original DLL with the
CS_DLL_TARGET
environment variable.
export CS_DLL_TARGET=/path/to/real/dll
- Choose a directory where the application has write access and configure it to receive the traces generated.
export CS_OUTPUT_DIR=/path/to/trace/output/directory
And run the application from the command line:
./application
Once the application finishes executing, a trace and log files will be produced in the output directory:
/path/to/trace/output/directory
├── trace_2022-06-08-15-32-30-693-17920.cst.gz
└── log_2022-06-08-15-32-30-693-17920.log
The resulting trace can now be uploaded to the Cryptosense Analyzer Platform.
See the manual to learn how to use the rest of parameters offered by the tracer.